What is Claimed: 



1. A method! of preventing a flooding attack on a network 
server in whidh a large number of connectionless datagrams are 
received for 1 queuing to a port number on the server, 
comprising : \ 

determinirL, in response to the arrival of a datagram 
from a host for\a port number on the server, if the number of 
datagrams alreafly queued to the port number from the host 
exceeds a prescrlibed threshold, and, if so, 

discarding the datagram. 

2 . The method clf claim 1 wherein the determining if the 
number of datagrams already queued to the port number from the 
host exceeds a prescribed threshold further comprises: 



calculating 
percentage P by t 
port number. 

3 . Apparatus f oi 
server in which a 
queuing to a port 



the prescribed threshold by multiplying a 
he number of available queue slots for the 



preventing a flooding attack on a network 
large number of datagrams are received for 
number on the server, comprising: 



Docket No. RSW-OO-OOIO 



8 



means for determining, in response to a datagram from a 
host for a port number on the server, if the number of 
datagrams queued op the port by the host exceeds a prescribed 
threshold, and 



means respons 
the datagram. 



ive to the determining means for discarding 



4 . The method of 
if the number of da 
host exceeds a pre 



ca 



means for 
multiplying a perc 
slots for the port 



claim 3 wherein the means for determining 
:agrams already queued to the port from the 
cribed threshold further comprises: 



Iculating the prescribed threshold by 
entage P by the number of available queue 
number . 



5. A storage media containing program code segments for 



preventing a flood 
large number of da 



number on the server, comprising: 



a first code 



ing attack on a network server in which a 
:agrams are received for queuing to a port 



segment activated in response to a datagram 
from a host for a i)ort number on the server for determining if 
the number of datagrams already queued to the port from the 
host exceeds a proscribed threshold, and 



a second code segment responsive to the first code 
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segment for discarding the datagram. 



6. The storage media of claim 5 wherein the first code 
segment further Comprises: 



a third coke segment for calculating the prescribed 
threshold by mulltiplying a percentage P by the number of 
.available queue dlots for the port number. 

7. A carrier ' wave containing program code segments for 
preventing a f loading attack on a network server in which a 
large number of datagrams are received for queuing to a port 
number on the serk/^er, comprising: 

a first code segment activated in response to a datagram 
from a host for Queuing to a port number on the server for 
determining if the number of datagrams already queued to the 
port from the host exceeds a prescribed threshold, and 

a second code segment responsive to the first code 
segment for discarding the datagram. 



8. The carrier wave of claim 7 wherein the first code segment 
further comprises: 



a third dode segment for calculating the prescribed 
threshold by multiplying a percentage P by the number of 
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available queue slots for the port number 



Q 

i ^ 



rii 

L 
b 



Docket No. RSW-OO-OOlO 



11 



